Hi, Sasson.
I think, we need the following setsockopt option
in snmplib/snmpTCPIPv6Domin.c as the same as snmplib/snmpUDPIPv6Domain.c.
--------------------------------------------------------------------------
lines 267-275 in snmplib/snmpUDPIPv6Domain.c
#ifdef IPV6_V6ONLY
/* Try to restrict PF_INET6 socket to IPv6 communications only. */
{
int one=1;
if (setsockopt(t->sock, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&one,
sizeof(one)) != 0) {
DEBUGMSGTL(("netsnmp_udp6", "couldn't set IPV6_V6ONLY to %d bytes:
%s\n", one, strerror(errno)));
}
}
#endif
--------------------------------------------------------------------------
There is no corrsponding part in snmplib/snmpTCPIPv6Domain.c.
I think that is the reason you meet a trouble in listening both tcp and tcp6.
Thank you very much for your report.
If possible, I will make a patch for snmplib/snmpTCPIPv6Domain.c.
Katsuhisa ABE
Cyber Solutions Inc.
From: "sasson, shuki" <[EMAIL PROTECTED]>
Subject: Using Net-Snmp for IPv6 and IPv4 simultaneously for both TCP and UDP.
Date: Tue, 25 Jan 2005 11:51:19 -0500
Message-ID: <[EMAIL PROTECTED]>
sasson_shuki> Hi all, I am running snmpd on Fedora Core 3. I am trying to make
snmpd open
sasson_shuki> port 161 for listening for both TCP and UDP and for both IPv4 and
IPv6. I am
sasson_shuki> getting error messages:
sasson_shuki> [EMAIL PROTECTED] .libs]# /usr/local/sbin/snmpd udp:161
tcp:161 udp6:161
sasson_shuki> tcp6:161 -f -L -d
sasson_shuki> Error opening specified endpoint "tcp6:161"
sasson_shuki> Server Exiting with code 1
sasson_shuki> [EMAIL PROTECTED] .libs]#
sasson_shuki>
sasson_shuki> When I remove one of either tcp6:161 or tcp:161 it works fine.
sasson_shuki>
sasson_shuki> When trying to use two processes to to the same:
sasson_shuki> [EMAIL PROTECTED] .libs]# /usr/local/sbin/snmpd udp:161
tcp:161 udp6:161
sasson_shuki> -f -L -d ---- Works fine.
sasson_shuki>
sasson_shuki> >From another window:
sasson_shuki> [EMAIL PROTECTED] net-snmp-5.2]# /usr/local/sbin/snmpd
tcp6:161 -f -L -d
sasson_shuki>
sasson_shuki> Error opening specified endpoint "tcp6:161"
sasson_shuki>
sasson_shuki> Additional Information
sasson_shuki> When I run snmpwalk on the snmpd after running it for the
following option:
sasson_shuki> /usr/local/sbin/snmpd udp:161 tcp:161 udp6:161 -f -L -d
sasson_shuki> It has succeeded for both TCP and TCP6.
sasson_shuki>
sasson_shuki> What I Think is Happening
sasson_shuki> The bind for listening for any TCP IPv6 address port 161 is also
sasson_shuki> automatically listening to any IPv4 address.
sasson_shuki> My questions are::
sasson_shuki> 1. Is there a way to configure the agent to listen to any IPv6
address but
sasson_shuki> not any IPv4 address?
sasson_shuki> 2. Is that a limitation of the OS socket interface?
sasson_shuki> 3. Is that specific to the Fedora OS or we will see the same
behavior on
sasson_shuki> other platforms?
sasson_shuki> 4. Having unnecessary port open (TCP IPv4 161) in the case when a
system
sasson_shuki> wants to listen to only IPv6 addresses is not a good practice.
Security is
sasson_shuki> one of the top priorities these days. Are there any plans to fix
this?
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Net-snmp-users mailing list
[email protected]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
